Note: The job is a remote job and is open to candidates in USA. Apps Associates is seeking a Security & Privacy Analyst to support the organization's information security, privacy, compliance, and governance programs. This role will partner closely with the Director of Information Security & Corporate Governance and serve as a key contributor to maintaining and enhancing the company's security and privacy posture.
Responsibilities
- Support the organization's information security and compliance programs
- Assist with customer security assessments, questionnaires, and due diligence requests
- Support annual audits and certifications, including SOC and ISO-related activities
- Collect, organize, and maintain compliance evidence and documentation
- Assist with policy development, maintenance, and periodic reviews
- Monitor regulatory, contractual, and customer security requirements
- Support compliance with applicable privacy regulations, including GDPR, CCPA/CPRA, and other data protection requirements
- Coordinate Data Subject Access Requests (DSARs) and other privacy-related requests
- Maintain Records of Processing Activities (RoPA) and privacy documentation
- Participate in Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs)
- Support vendor privacy reviews and data protection agreement tracking
- Assist with privacy incident documentation and response activities
- Support third-party risk management and vendor assessments
- Assist with risk assessments and remediation tracking
- Maintain governance, risk, and compliance records and reporting
- Support security and privacy metrics, reporting, and dashboards
- Assist with implementation and administration of governance, risk, and compliance (GRC) platforms
- Coordinate security and privacy awareness initiatives
- Assist with compliance training administration and tracking
- Develop communication and awareness materials to promote security and privacy best practices
- Partner with Security, Legal, Contracts, Human Resources, IT, and business teams to support compliance objectives
- Assist with customer and vendor contract reviews related to security and privacy requirements
- Participate in internal projects to ensure security and privacy considerations are appropriately addressed
- Support customer, vendor, and audit inquiries as needed
Skills
- 3–5 years of experience in information security, privacy, compliance, governance, audit, risk management, or a related field
- Working knowledge of information security principles and controls
- Familiarity with security, privacy, and compliance frameworks and regulations, including HIPAA, PCI DSS, FERPA, GDPR, CCPA/CPRA, or similar requirements
- Strong organizational, analytical, and documentation skills
- Excellent written and verbal communication skills
- Ability to manage multiple priorities in a fast-paced environment
- Ability to work independently with limited supervision
- Proficiency with Microsoft Office applications, including Excel, Word, and PowerPoint
- Experience supporting SOC 1, SOC 2, ISO 27001, or similar compliance frameworks
- Experience with vendor risk management and customer security questionnaires
- Familiarity with privacy assessments, data mapping, and data governance activities
- Experience with governance, risk, and compliance (GRC) platforms
- Knowledge of artificial intelligence (AI) technologies, AI governance frameworks, privacy considerations, and emerging regulatory requirements (e.g., ISO 42001, EU AI Act) is highly desirable
- Security+, CCSK, CIPP, CIPM, CRISC, CISA, or similar certifications
- Experience within a professional services, consulting, or technology organization
Company Overview
Company H1B Sponsorship